
T279090-PS6.patch

Authored By
Reedy
Sep 30 2021, 3:00 PM
Size
1 KB
Referenced Files
None
Subscribers
None

T279090-PS6.patch

From fc262d13625535ac1bfb3800d373eecc151e8ddc Mon Sep 17 00:00:00 2001
From: RhinosF1 <rhinosf1@gmail.com>
Date: Wed, 21 Apr 2021 14:16:18 -0500
Subject: [PATCH] SECURITY: Check permissions before job execution
CVE-2021-41801
Bug: T279090
Change-Id: Ibc299edf626ca9aa1cd9d83b888820f5aca9af7c
---
src/Job.php | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/src/Job.php b/src/Job.php
index b892520..f046033 100644
--- a/src/Job.php
+++ b/src/Job.php
@@ -51,6 +51,16 @@ class Job extends JobParent {
* @return bool success
*/
function run() {
+ // T279090
+ $current_user = User::newFromId( $this->params['user_id'] );
+ $permissionManager = MediaWikiServices::getInstance()->getPermissionManager();
+ if ( !$permissionManager->userCan(
+ 'replacetext', $currentuser, $this->title
+ ) ) {
+ $this->error('replacetext: permission no longer valid');
+ return true; // T279090#6978214
+ }
+
if ( isset( $this->params['session'] ) ) {
$callback = RequestContext::importScopedSession( $this->params['session'] );
$this->addTeardownCallback( static function () use ( &$callback ) {
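Review bot: The `userCan()` call is given `$currentuser`, but the user object loaded two lines earlier is stored in `$current_user`, so the check never sees the user who queued the job. The argument line should read `'replacetext', $current_user, $this->title`. `userCan()`'s signature is not visible here, so the undefined variable presumably either raises a type error or is evaluated as no user at all; in both cases the permission gate does not do what the commit message describes. `$this->params['user_id']` is also read without an `isset()` guard, unlike `$this->params['session']` just below, so a job queued without that parameter should be rejected explicitly rather than passed to `User::newFromId()`. The body of `run()` continues past the end of the hunk.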
--
2.30.1 (Apple Git-130)

File Metadata

Mime Type
text/x-diff
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
9192719
Default Alt Text
T279090-PS6.patch (1 KB)
